Overview The Security Vulnerability and Penetration Testing Engineer will oversee and serve as a technical resource for all assessment activities related to the security posture of existing and proposed firm systems, platforms, and processes to protect and continually improve the confidentiality, integrity, and availability of information systems per the firm's business objectives, regulatory requirements, and strategic goals. Responsibilities Perform security penetration testing of the Firms systems, platforms, and applications Serve as a Subject Matter Expert (SME) for the VAPT function Serve as the system owner for common VAPT toolsets, platforms, and processes Provide technical assessment reports that are easily understandable by the target audience and include practical and reasonable recommendations based upon sound risk management principles Qualifications A Computer Science bachelors degree or substantially equivalent experience CISSP is required GIAC GPEN or GWAPT is preferred Offensive Security OSCP is required Commanding knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking Expert understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables Extensive experience with common automated VAPT tools such as Nessus, Appscan, Burp Suite, Nipper, and Trustwave Expert in common attack tools and frameworks such as Wireshark, Kali, Metasploit, etc. Expert in mobile platform security technology, including vulnerability identification and exploitation tools, as well as mobile platform security best practices, frameworks, etc. Understand VAPT in the context of risk management and organizational priorities Passionate in the practice and pursuit of VAPT excellence Able to validate the presence of identified vulnerabilities with accuracy Master in common application platforms and technologies to effectively understand and evaluate complex application assessments via the use of manual techniques and simple tools such as proxies and browser plugins Authoritative mastery of OWASP, CVE, general security controls, and other foundational topics, such as the latest application and operating system exploits Expert knowledge of common scripting and programming languages is advantageous Ongoing commitment to understanding the threat landscape and common adversary motivations/practices. Ability to quickly adapt practices to evolving circumstances Able to maintain critical thinking and composure under pressure Strong written and oral communication skills. Ability to convey complex concepts to non-technical constituents. Proficiency in oral and written English Able to assist with the preparation of internal training materials and documentation Location Location: Belfast, Manila, or Tampa Centers, or the Chicago office Reports to Director, Security Engineering Travel requirements Ad hoc travel will be required. Position Type Center Development Framework Business Support About Us At Baker McKenzie we are different in the way we think, work and behave. With our team of 13,000 people, including over 6,500 locally admitted lawyers, in over 70 offices worldwide, we have a passionately collaborative community of 60 nationalities and are committed to world-class career development to everyone in every job at every level. Baker McKenzie can offer you both the uncompromising commitment to excellence expected of a top firm paired with a passionately global and genuinely collaborative working environment. Additional Information Baker McKenzie is an Equal Opportunity Employer. We are committed to promoting diversity and inclusion for all. Our unique international culture is reflected in the drawing together of a worldwide family of individuals from diverse cultures and backgrounds in all of our offices. We encourage the best people - regardless of race, religion or belief if any, gender, gender identity, disability, sexual orientation or age - to fulfill their professional aspirations with us. We are committed to ensuring an inclusive and accessible experience for all candidates. Seniority level Mid-Senior level Employment type Full-time Job function Engineering and Information Technology Industries Business Consulting and Services #J-18808-Ljbffr B&M Global Services Manila
We are looking for a forward-thinking Manager, DevOps Engineering to join our dynamic IT department. In this role, you will oversee our organization's DevOps strategy, implementation, and team management to ensure alignment with the company's goals. As a leader in our...
...in a fast-paced manufacturing environment ~ Cross-training in welding, assembly, and production processes ~ Strong teamwork skills... ...employee edge with teammates they can hire directly after the contract term. Our nimble company structure, our status as an employer of...
Certified Occupational Therapy Assistant / COTA / OTA/L CCRC in Elizabethton, TN / TENNESSEE Part time - Flexible Schedule; Approximately 10-20 hours per week New graduates welcome! Part time comes with benefits such as: 401(k) Accrued PTO 100% company...
...employees after working 500 hours) Free ski passes for dependents Critical Illness and Accident plans Job Summary: The Housing Manager is responsible for overseeing the housing portfolio for their region and leading a high talent team. This individual will work...
...Job Description Job Description Are you a dedicated real estate agent seeking a brokerage that truly delivers on its promises? Look no further than Regal Realtors! In the ever-changing realm of residential real estate, Regal Realtors not only welcomes change but...